[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Security: FreeBSD vs OpenBSD
Yes, because obviously we can either have a packet filter on *each and
every* machine on the network, or on none at all. There never, ever, could
be a bunch of machines with no packet filters running behind some kind of
crazy barrier machine that would serve as some kind of buffer between the
servers and the Internet. I like to call this crazy buffering machine a
"firewall", but I don't think the term is very common.
At 12:43 AM 04/02/2002 -0800, David S. wrote:
> > From an administration, security, and policy standpoint running a packet
> > filter on every machine seems like a fine idea to me. Could there be
> > performance issues though?
>Yes, your servers will DoS eBay, CNN, or some other hapless web site much
>more effectively without pesky packet filter to get in the way.